Saved in:
Bibliographic Details
Main Authors: Nasir, Hira, Javed, Eiman, Shabir, Balawal, Jalil, Zunera, Mohsin, Ahmad
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2605.08910
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866917476942479360
author Nasir, Hira
Javed, Eiman
Shabir, Balawal
Jalil, Zunera
Mohsin, Ahmad
author_facet Nasir, Hira
Javed, Eiman
Shabir, Balawal
Jalil, Zunera
Mohsin, Ahmad
contents The new wave of adversarial attacks that utilize gradient-related vulnerabilities in neural network-based classifiers makes Network Intrusion Detection Systems more open to such threats. Although state-of-the-art adversarial training methods have shown promising results in producing more robust classifiers, their interpretability and defense ability are limited due to their lack of understanding of how adversarial attacks propagate in different layers of network classifiers. In this paper, we present an insightful approach, called LARAR (Layer-wise Adversarial Robustness using Adaptive Regularization), that incorporates additional layer-wise vulnerability analysis and adaptive weighting in conventional adversarial training methods. Additionally, we utilize 'Auxiliary Classifiers' in our approach. LARAR provides interpretable layer-wise vulnerability scores, achieves a clean accuracy of 95.01%, and provides better robustness against adversarial attacks (FGSM, PGD, and transfer attacks) on the UNSW-NB15 dataset. Through the identification of vulnerable layers, the proposed framework reduces computational complexity and enables the early detection of adversarial samples, thus enhancing the effectiveness and interpretability of adversarial defense mechanisms in NIDS.
format Preprint
id arxiv_https___arxiv_org_abs_2605_08910
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Enhancing Adversarial Robustness in Network Intrusion Detection: A Layer-wise Adaptive Regularization Approach
Nasir, Hira
Javed, Eiman
Shabir, Balawal
Jalil, Zunera
Mohsin, Ahmad
Cryptography and Security
Machine Learning
The new wave of adversarial attacks that utilize gradient-related vulnerabilities in neural network-based classifiers makes Network Intrusion Detection Systems more open to such threats. Although state-of-the-art adversarial training methods have shown promising results in producing more robust classifiers, their interpretability and defense ability are limited due to their lack of understanding of how adversarial attacks propagate in different layers of network classifiers. In this paper, we present an insightful approach, called LARAR (Layer-wise Adversarial Robustness using Adaptive Regularization), that incorporates additional layer-wise vulnerability analysis and adaptive weighting in conventional adversarial training methods. Additionally, we utilize 'Auxiliary Classifiers' in our approach. LARAR provides interpretable layer-wise vulnerability scores, achieves a clean accuracy of 95.01%, and provides better robustness against adversarial attacks (FGSM, PGD, and transfer attacks) on the UNSW-NB15 dataset. Through the identification of vulnerable layers, the proposed framework reduces computational complexity and enables the early detection of adversarial samples, thus enhancing the effectiveness and interpretability of adversarial defense mechanisms in NIDS.
title Enhancing Adversarial Robustness in Network Intrusion Detection: A Layer-wise Adaptive Regularization Approach
topic Cryptography and Security
Machine Learning
url https://arxiv.org/abs/2605.08910